Science
Permanent URI for this communityhttp://repository.kln.ac.lk/handle/123456789/1
Browse
3 results
Search Results
Item Analysis and detection of potentially harmful Android applications using machine learning(International Research Conference on Smart Computing and Systems Engineering - SCSE 2018, 2018) Kavneth, G.A.S.; Jayalal, S.With the rapid advancement of technology today, smartphones have become more and more powerful and attract a huge number of users with new features provided by mobile device operating systems such as Android and iOS. Android extended its lead by capturing 86% of the total market in 2017 (Gartner, 2017) and became the most popular mobile operating system. However, this huge demand and freedom has made the hackers and cybercriminals more curious to generate malicious apps towards the Android operating system. Thus, research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. This paper proposes a static-dynamic hybrid malware detecting scheme for Android applications. While the static analysis could be fast, and less resource consuming technique and dynamic analysis can be used for high complexity and deep analysis. The suggested methods can automatically deliver an unknown application for both static and dynamic analysis and determine whether Android application is a malware or not. The experimental results show that the suggested scheme is effective as its detection accuracy can achieve to 93% ∼ 100%. The findings have been more accurate in identifying Android malwares rather than separating those two static and dynamic behaviors. Furthermore, this research compares the machine learning algorithms for static and dynamic analysis of the Android malwares and compare the accuracy by the data used to train the machine learning models. It reveals Deep Neural Networks and SVM can be used for and higher accuracy. In addition, era of the training and testing dataset highly effect the accuracy of the results regarding Android applications.Item Machine learning based model for Android malware analysis and detection.(International Research Symposium on Pure and Applied Sciences, 2017 Faculty of Science, University of Kelaniya, Sri Lanka., 2017) Kavneth, G. A. S.; Jayalal, S.Rapid advancement of technology has enabled smartphones to become extremely powerful. They are capable of attracting a considerable amount of users with new features provided by mobile device operating systems such as Android and iOS. Android extended its lead by capturing 86 percent of the total market in 2017, and became the most popular mobile operating system. The Android operating system, which is found on a wide range of devices is owned by Google and powered by the Linux kernel. It is an open source operating system that enables mobile application developers to access unlocked hardware and develop new apps as they wish. However, this huge demand and freedom has made the hackers and cybercriminals more curious to generate malicious apps towards the Android operating system. They constantly target the security vulnerabilities in the operating system to gain access within the system. Even though, Google provides a primary set of security services, there are possibilities for potentially harmful applications in the Google Play store and other third party application stores. Thus, research on effective and efficient mobile threat analysis becomes an emerging and important topic in cybersecurity research area. Many researchers proposed various security analysis and evaluation strategies such as static analysis and dynamic analysis. In this research, we propose a hybrid approach, which aggregates the static and dynamic analysis for detecting security threats and attacks by Android malware application. This approach has two phases. First phase is the static analysis for applications, which will analyze the mobile application without execution. This focuses on extracting app APK file and examining permission requests made by Android apps that have declared in AndroidManifest.xml, as a means for detecting malwares. Because, in most of cases extra permissions granted by applications will allow the attacker to exploit the device. As the next phase, we perform dynamic analysis for mobile application. This phase focuses on runtime data obtained from the applications such as CPU, scheduler information from every running application, network calls, sensor data and so forth. For both phases, we have used supervised, machine learning based algorithms to train models and recognize malwares. In the first phase, potentially harmful applications can be identified as well as in the proposed hybrid mechanism, which is a combination of both phases. Data that was collected by several cybersecurity research centers were used for the evaluation of the proposed hybrid approach and both real-life malware and benign app data demonstrated a good detection performance with high scalability. The initial findings have been more accurate in identifying Android malwares rather than separating those two static and dynamic behaviors.Item Detection of cyber bullying on social media networks(Faculty of Science, University of Kelaniya, Sri Lanka, 2016) Priyangika. S.; Jayalal, S.Social Media is becoming an integral part of people’s daily lives today. It is an effective way of sharing one’s life experiences, special occasions, achievements and other events with their friends and family. Although it is a fruitful way to communicate with groups, some people find themselves being insulted or offended by others who are involved in certain post or conversations. These insulations can be based on racism, using profanity or any other vulgar or lewd language. This cyber bullying needs to be monitored and controlled by the social media site owners since it will highly effect on the number and safety of the active site membership. Currently, there is no automated process of identifying offensive comments by the social network site itself. It can be only diagnosed by humans after reading the comments, flagging or reporting them to the owner of the site or blocking the offender. Considering the massive big data set generated in social media daily, automatically detection of offensive statements is required to reduce insulation effectively. For this purpose, text classification approach can be applied where a given text will be categorized as insulting or not, through learning from a pre-learned model. In order to develop the model, data was collected from the popular data repository site named www.kaggle.com. The dataset consists of comments posted on Facebook and Twitter. Firstly the dataset was divided into training data set and test data set. Then the collected data was preprocessed by removing the unwanted strings, correcting words and eliminating duplicate data fields. In the next step, features or keywords were extracted which are qualified to distinguish a statement as ‘insulting’ using N-grams model and counting methods. Feature selection is done using Chi- Squared test and finally apply classification algorithms for separating insulting comments and non-insulting comments from a dataset given. Machine learning algorithms such as Support Vector Machines (SVM), Naïve Bayes, Logistic Regression and Random Forest are used for this. Out of the classification algorithms, SVM is to be performed better than other algorithms since this is a two-class classification problem and a comment is to be classified only into two separate classes which are ‘insulting’ and ‘neutral’. With an exact separation of a given comment into ‘insulting’ and ‘neutral’ category, cyberbullying happening through offensive comments posted on social media sites can be detected.